Use default crypto engine if none set

sop · Aug 3, 2017 · 9f79538 · 9f79538
1 parent 88bd35c
commit 9f79538
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 19 deletions.
diff --git a/lib/PKCS8/EncryptedPrivateKeyInfo.php b/lib/PKCS8/EncryptedPrivateKeyInfo.php
@@ -144,11 +144,11 @@ public function toPEM()
      * Decrypt PrivateKeyInfo from the encrypted data using password based
      * encryption.
      *
-     * @param string $password
-     * @param Crypto $crypto
+     * @param string $password Password
+     * @param Crypto|null $crypto Crypto engine, use default if not set
      * @return PrivateKeyInfo
      */
-    public function decryptWithPassword($password, Crypto $crypto)
+    public function decryptWithPassword($password, Crypto $crypto = null)
     {
         $ai = $this->_algo;
         if (!($ai instanceof PBEAlgorithmIdentifier)) {
@@ -173,11 +173,11 @@ public function decryptWithPassword($password, Crypto $crypto)
      * @param PrivateKeyInfo $pki Private key info
      * @param PBEAlgorithmIdentifier $algo Encryption algorithm
      * @param string $password Password
-     * @param Crypto $crypto
+     * @param Crypto|null $crypto Crypto engine, use default if not set
      * @return self
      */
     public static function encryptWithPassword(PrivateKeyInfo $pki,
-        PBEAlgorithmIdentifier $algo, $password, Crypto $crypto)
+        PBEAlgorithmIdentifier $algo, $password, Crypto $crypto = null)
     {
         $scheme = PBEScheme::fromAlgorithmIdentifier($algo, $crypto);
         $ciphertext = $scheme->encrypt($pki->toDER(), $password);
@@ -191,11 +191,11 @@ public static function encryptWithPassword(PrivateKeyInfo $pki,
      * @param PrivateKeyInfo $pki Private key info
      * @param PBEAlgorithmIdentifier $algo Encryption algorithm
      * @param string $key Key derived from a password
-     * @param Crypto $crypto
+     * @param Crypto|null $crypto Crypto engine, use default if not set
      * @return self
      */
     public static function encryptWithDerivedKey(PrivateKeyInfo $pki,
-        PBEAlgorithmIdentifier $algo, $key, Crypto $crypto)
+        PBEAlgorithmIdentifier $algo, $key, Crypto $crypto = null)
     {
         $scheme = PBEScheme::fromAlgorithmIdentifier($algo, $crypto);
         $ciphertext = $scheme->encryptWithKey($pki->toDER(), $key);

diff --git a/test/unit/EncryptedPrivateKeyInfoTest.php b/test/unit/EncryptedPrivateKeyInfoTest.php
@@ -2,7 +2,6 @@
 use ASN1\Type\Constructed\Sequence;
 use ASN1\Type\Primitive\ObjectIdentifier;
 use ASN1\Type\Primitive\OctetString;
-use Sop\CryptoBridge\Crypto;
 use Sop\CryptoEncoding\PEM;
 use Sop\CryptoTypes\AlgorithmIdentifier\GenericAlgorithmIdentifier;
 use Sop\CryptoTypes\AlgorithmIdentifier\Cipher\AES256CBCAlgorithmIdentifier;
@@ -72,7 +71,7 @@ public function testCreate(EncryptedPrivateKeyInfo $refkey)
         $pki = PrivateKeyInfo::fromPEM(self::$_pem_pk);
         $algo = new PBEWithSHA1AndRC2CBCAlgorithmIdentifier($salt, $count);
         $epki = EncryptedPrivateKeyInfo::encryptWithPassword($pki, $algo,
-            self::PASSWORD, Crypto::getDefault());
+            self::PASSWORD);
         $this->assertInstanceOf(EncryptedPrivateKeyInfo::class, $epki);
         return $epki;
     }
@@ -108,7 +107,7 @@ public function testEncryptedData(EncryptedPrivateKeyInfo $epki)
      */
     public function testDecrypt(EncryptedPrivateKeyInfo $epki)
     {
-        $pki = $epki->decryptWithPassword(self::PASSWORD, Crypto::getDefault());
+        $pki = $epki->decryptWithPassword(self::PASSWORD);
         $this->assertInstanceOf(PrivateKeyInfo::class, $pki);
         return $pki;
     }
@@ -121,7 +120,7 @@ public function testDecrypt(EncryptedPrivateKeyInfo $epki)
      */
     public function testDecryptFail(EncryptedPrivateKeyInfo $epki)
     {
-        $epki->decryptWithPassword("nope", Crypto::getDefault());
+        $epki->decryptWithPassword("nope");
     }
 
     /**
@@ -137,7 +136,7 @@ public function testDecryptInvalidAlgo(EncryptedPrivateKeyInfo $epki)
         $prop = $refl->getProperty("_algo");
         $prop->setAccessible(true);
         $prop->setValue($epki, new GenericAlgorithmIdentifier("1.3.6.1.3"));
-        $epki->decryptWithPassword("nope", Crypto::getDefault());
+        $epki->decryptWithPassword("nope");
     }
 
     /**
@@ -190,7 +189,7 @@ public function testCreateV2(EncryptedPrivateKeyInfo $refkey)
             new PBKDF2AlgorithmIdentifier($salt, $count),
             new DESEDE3CBCAlgorithmIdentifier($iv));
         $epki = EncryptedPrivateKeyInfo::encryptWithPassword($pki, $algo,
-            self::PASSWORD, Crypto::getDefault());
+            self::PASSWORD);
         $this->assertInstanceOf(EncryptedPrivateKeyInfo::class, $epki);
         return $epki;
     }
@@ -215,7 +214,7 @@ public function testV2EqualsToRef(EncryptedPrivateKeyInfo $ref,
      */
     public function testDecryptV2(EncryptedPrivateKeyInfo $epki)
     {
-        $pki = $epki->decryptWithPassword(self::PASSWORD, Crypto::getDefault());
+        $pki = $epki->decryptWithPassword(self::PASSWORD);
         $this->assertInstanceOf(PrivateKeyInfo::class, $pki);
         return $pki;
     }
@@ -236,12 +235,11 @@ public function testEncryptWithKey(EncryptedPrivateKeyInfo $refkey)
         $algo = new PBES2AlgorithmIdentifier(
             new PBKDF2AlgorithmIdentifier($salt, $count),
             new DESEDE3CBCAlgorithmIdentifier($iv));
-        $scheme = PBEScheme::fromAlgorithmIdentifier($algo, Crypto::getDefault());
+        $scheme = PBEScheme::fromAlgorithmIdentifier($algo);
         $key = $scheme->kdf()->derive(self::PASSWORD, $salt, $count,
             $algo->esAlgorithmIdentifier()
                 ->keySize());
-        $epki = EncryptedPrivateKeyInfo::encryptWithDerivedKey($pki, $algo, $key,
-            Crypto::getDefault());
+        $epki = EncryptedPrivateKeyInfo::encryptWithDerivedKey($pki, $algo, $key);
         $this->assertEquals($refkey->toDER(), $epki->toDER());
     }
 
@@ -274,7 +272,7 @@ public function testCreateV2AES(EncryptedPrivateKeyInfo $refkey)
             new PBKDF2AlgorithmIdentifier($salt, $count, null, $prf_algo),
             new AES256CBCAlgorithmIdentifier($iv));
         $epki = EncryptedPrivateKeyInfo::encryptWithPassword($pki, $algo,
-            self::PASSWORD, Crypto::getDefault());
+            self::PASSWORD);
         $this->assertInstanceOf(EncryptedPrivateKeyInfo::class, $epki);
         return $epki;
     }
@@ -299,7 +297,7 @@ public function testV2AESEqualsToRef(EncryptedPrivateKeyInfo $ref,
      */
     public function testDecryptV2AES(EncryptedPrivateKeyInfo $epki)
     {
-        $pki = $epki->decryptWithPassword(self::PASSWORD, Crypto::getDefault());
+        $pki = $epki->decryptWithPassword(self::PASSWORD);
         $this->assertInstanceOf(PrivateKeyInfo::class, $pki);
         return $pki;
     }